Archive

Posts Tagged ‘eepc’

Decrypt Full Disk Encryption products for $299 – Well, it got cheaper at least

December 21, 2012 Leave a comment

Many people have contacted my team and I over the last few days about the recent announcement by ElcomSoft, that they offer a tool to decrypt Bitlocker, PGP and Truecrypt volumes.

This $299 tool is advertised as getting you access to this encrypted data quickly and easily…

Now, this may sound exciting, but as they say, there’s always a catch – you need a memory dump from the machine from when it was authenticated to use this tool – yes, no recovery if you find a cold machine. You have to get access to it while it’s on and the user has logged in, then, after they switch it off, you can recover the data..

Sounds familiar? Well it should, it’s exactly the same idea Passware.com released to the world back in 2010 – I even blogged about it then… Read more…

Advertisement
Categories: Exploits, Full Disk Encryption Tags: , , ,

ToastCache for EEPC/EEM v5

March 28, 2011 1 comment

I finally got around to posting ToastCache to my CTOGoneWild site. This is a simple script which  uses a couple of tricks, and a kludge to force the EEM v5 Name index to rebuild on demand.

The EEM Name Index is one of the most useful performance enhancements you can enable within the product – certainly any database running more than 2000 machines needs it turned on to give reasonable performance.  The Index speeds up Name>ID resolution. Without it, the server has to crawl the entire database searching for an object which matches the name it’s looking for – This means that logging on slows down for new users (they are placed at the end of the db), and also creating new things takes more time (as the DB has to be trawled end-to-end looking to see if the name is already in use).

The index resolves both of these, and more scenarios by maintaining a “bucket list” of hashed names>IDs. Read more…

Categories: Full Disk Encryption, Programming Tags: , ,